MUD Security

In
his holidays, Bob would come back to college and play AberMUD on my
system... One day, on a whim, I fed the MUD persona file passwords
into Crack as a dictionary... Being the lazy guy I am, I forgot to
remove the passwords from the Crack dictionary, and when I posted the
next version to USENET, the words went too. It went to the comp.sources.misc
moderator, came back over USENET, and eventually wound up at Bob's
company. Round trip: ~10,000 miles.

Being a cool kinda student sysadmin dude, Bob ran the new version of Crack when it arrived. When it immediately churned out the root password on his machine, he damn near fainted...
The moral of this story is: never use the same password in two different places, and especially on untrusted systems (like MUDs).

Fortunately, MUD's are among the most secure of the Internet technologies,
because each user interacts with a central server and others can't access a
player's computer directly. Your
primary security risk on a MUD is to confidentiality.
Specific
issues are described below:

Confidentiality. Your conversations
on a MUD may be logged by other users, and used
later in ways you don't want, by, for example, posting them on the web or
Usenet newsgroups. Unless you use your real name (not recommended), this is not
a
large
risk.

Harassment. Your character may be
affected by other
characters in ways that you don't want. For example, another player with more
knowledge of how the MUD works may do things to you that you don't like, like
picking you up and putting you in a different room. In extreme cases, especially
on action oriented MUD's, your character may by killed
by another character, and you will have to start your session over. But you knew that was a risk when you started the game...